Rules: Add rules for yum
commands, #470
#471
Merged
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Add four rules for
yum
commands warning on bad practices:yum update
yum install
without non-interactive flag-y
yum install -y <pkg>
without version pinningyum install ...
without also cleaning up withyum clean all
These four rules are accompanied by test for each rule.
Also included is a new helper function
Shell.anyCommands
.What I did
Add four rules for linting
yum
commands inRUN
layers. These four rules check for common mistakes and bad-practices withyum
in Dockerfiles.This PR is related to #470, but does not suffice to close it since
zypper
anddnf
checks are still missing.How I did it
I expanded the
Rules.hs
file. I also added a new helper function in theShell.hs
file:Shell.anyCommands
that works likeShell.allCommands
, except it matches on any instead of all commands in a shell line.How to verify it
Run the test suite, or run
hadolint
on this Dockerfile:The
FROM
and the lastRUN yum install..
line will not produce warnings and the other lines will each trigger a different combination of warnings foryum
.